AWS SAA-C03 Exam (Concepts)
questions well answers
Region - correct answer ✔✔Regions in AWS refer to geographical locations around the world
where AWS data centers are located. Each region is a separate geographic area that consists of
multiple availability zones. AWS regions allow users to deploy resources close to their end-users
or in specific geographic locations for compliance purposes.
AZ - correct answer ✔✔Availability Zones (AZs) in AWS are isolated locations within a region for
fault tolerance. They provide redundancy and scalability by ensuring resources are spread
across multiple data centers. AZs enable high availability, fault isolation, load balancing, disaster
recovery, and compliance with data residency requirements.
IAM - correct answer ✔✔IAM (Identity and Access Management) is AWS's service for securely
managing user access to resources. It controls permissions, supports auditing, and integrates
with other AWS services.
IAM Users - correct answer ✔✔Individuals or services granted access to AWS resources.
Managed via IAM, users have credentials and defined permissions. They can belong to groups
for easier management, and their access can be controlled and monitored through policies for
security and compliance.
IAM Groups - correct answer ✔✔Groups allow for easier management of permissions by
assigning policies to multiple users simultaneously. This simplifies access control and ensures
consistency across users with similar roles or responsibilities.
IAM Policies - correct answer ✔✔JSON documents defining permissions for IAM users, groups,
or roles. They specify what actions can be performed on which resources. Policies can be
attached to identities or resources, allowing fine-grained access control and security
management within AWS.
,IAM MFA - correct answer ✔✔An extra layer of security for IAM users, requiring an additional
verification step beyond username and password, typically a temporary code from a physical or
virtual device. MFA strengthens account protection against unauthorized access.
Access Keys - correct answer ✔✔Credentials used by applications or users to access AWS
services programmatically. Consists of an access key ID and a secret access key. Access keys are
essential for authentication in API requests and should be kept secure.
SDKs - correct answer ✔✔Tools and libraries provided by AWS for developing applications that
interact with AWS services. SDKs are available in multiple programming languages, facilitating
seamless integration and simplifying the process of building, deploying, and managing
applications on AWS.
CLI - correct answer ✔✔A unified tool for managing AWS services from the command line. It
provides a set of commands for performing tasks such as managing resources, configuring
services, and automating workflows. The AWS CLI offers flexibility and efficiency in interacting
with AWS services programmatically.
AWS Cloudshell - correct answer ✔✔A browser-based, interactive shell environment provided
by AWS. It offers a command-line interface pre-configured with AWS CLI and other tools,
enabling users to manage AWS resources directly from the browser without needing to install or
configure additional software.
IAM Roles for AWS Services - correct answer ✔✔IAM entities with temporary credentials that
AWS services assume to perform actions on your behalf. These roles enable secure access and
simplify permissions management for services like Lambda, EC2, and others, enhancing security
and reducing the need for long-term credentials.
IAM Security Tools - correct answer ✔✔AWS services and features used to enhance the security
of IAM (Identity and Access Management). These tools include IAM Access Analyzer, IAM Policy
,Simulator, and IAM Credentials Report, providing insights, simulations, and monitoring to help
secure IAM configurations and permissions effectively.
IAM Best Practices - correct answer ✔✔These practices include implementing the principle of
least privilege, regularly reviewing and auditing permissions, enabling MFA, using IAM roles for
temporary access, and leveraging IAM policies and groups for centralized management and
consistency.
EC2 - correct answer ✔✔A web service that provides resizable compute capacity in the cloud. It
allows users to launch virtual servers (instances) and scale capacity up or down as needed. EC2
instances can be used for a variety of computing tasks, from hosting websites to running
complex applications.
EC2 User Data - correct answer ✔✔A feature allowing users to pass metadata to EC2 instances
during launch. This data can be scripts, commands, or configuration files, enabling automated
setup and customization of instances. Useful for tasks such as software installation,
configuration, and bootstrapping.
EC2 instance types - correct answer ✔✔t3.micro: Entry-level instance suitable for low-traffic
applications and testing.
m5.large: General-purpose instance offering balanced compute, memory, and networking
resources.
c5.xlarge: Compute-optimized instance designed for CPU-intensive workloads.
r5.large: Memory-optimized instance optimized for memory-intensive applications and
databases.
p3.2xlarge: GPU-accelerated instance ideal for machine learning and graphics processing tasks.
, Security Groups (EC2) - correct answer ✔✔Virtual firewalls controlling inbound and outbound
traffic for EC2 instances and other AWS resources. They act as a fundamental layer of security,
allowing users to define rules that permit or deny specific types of traffic based on protocols,
ports, and IP ranges.
Common EC2 Ports - correct answer ✔✔SSH (Secure Shell): Port 22
FTP (File Transfer Protocol): Port 21
SFTP (SSH File Transfer Protocol): Port 22 (uses SSH)
HTTP (Hypertext Transfer Protocol): Port 80
EC2 Instance Connect - correct answer ✔✔A feature allowing users to securely access EC2
instances using the AWS Management Console or CLI without needing to manage SSH keys
manually. It leverages IAM policies for fine-grained control over who can access instances,
enhancing security and simplifying access management.
EC2 Instance Purchasing Options - correct answer ✔✔Users can choose between On-Demand
Instances (pay-as-you-go), Reserved Instances (discounted for long-term commitments), Spot
Instances (bid-based pricing), and Dedicated Hosts (physical servers for compliance). Each
option offers different pricing models and flexibility based on workload requirements and
budget constraints.
Spot Instances - correct answer ✔✔AWS EC2 instances available at significantly reduced prices
compared to On-Demand instances. Users bid for spare capacity, and if the bid price exceeds
the Spot price, instances are terminated with a two-minute notice. Spot Instances are suitable
for fault-tolerant, flexible, and cost-effective workloads.
Spot Fleet - correct answer ✔✔A feature allowing users to provision a collection of Spot
Instances, On-Demand Instances, and optionally Reserved Instances or Scheduled Instances,
within a single request. Spot Fleets help optimize costs and availability by combining various
instance types and pricing models to meet workload requirements efficiently.
questions well answers
Region - correct answer ✔✔Regions in AWS refer to geographical locations around the world
where AWS data centers are located. Each region is a separate geographic area that consists of
multiple availability zones. AWS regions allow users to deploy resources close to their end-users
or in specific geographic locations for compliance purposes.
AZ - correct answer ✔✔Availability Zones (AZs) in AWS are isolated locations within a region for
fault tolerance. They provide redundancy and scalability by ensuring resources are spread
across multiple data centers. AZs enable high availability, fault isolation, load balancing, disaster
recovery, and compliance with data residency requirements.
IAM - correct answer ✔✔IAM (Identity and Access Management) is AWS's service for securely
managing user access to resources. It controls permissions, supports auditing, and integrates
with other AWS services.
IAM Users - correct answer ✔✔Individuals or services granted access to AWS resources.
Managed via IAM, users have credentials and defined permissions. They can belong to groups
for easier management, and their access can be controlled and monitored through policies for
security and compliance.
IAM Groups - correct answer ✔✔Groups allow for easier management of permissions by
assigning policies to multiple users simultaneously. This simplifies access control and ensures
consistency across users with similar roles or responsibilities.
IAM Policies - correct answer ✔✔JSON documents defining permissions for IAM users, groups,
or roles. They specify what actions can be performed on which resources. Policies can be
attached to identities or resources, allowing fine-grained access control and security
management within AWS.
,IAM MFA - correct answer ✔✔An extra layer of security for IAM users, requiring an additional
verification step beyond username and password, typically a temporary code from a physical or
virtual device. MFA strengthens account protection against unauthorized access.
Access Keys - correct answer ✔✔Credentials used by applications or users to access AWS
services programmatically. Consists of an access key ID and a secret access key. Access keys are
essential for authentication in API requests and should be kept secure.
SDKs - correct answer ✔✔Tools and libraries provided by AWS for developing applications that
interact with AWS services. SDKs are available in multiple programming languages, facilitating
seamless integration and simplifying the process of building, deploying, and managing
applications on AWS.
CLI - correct answer ✔✔A unified tool for managing AWS services from the command line. It
provides a set of commands for performing tasks such as managing resources, configuring
services, and automating workflows. The AWS CLI offers flexibility and efficiency in interacting
with AWS services programmatically.
AWS Cloudshell - correct answer ✔✔A browser-based, interactive shell environment provided
by AWS. It offers a command-line interface pre-configured with AWS CLI and other tools,
enabling users to manage AWS resources directly from the browser without needing to install or
configure additional software.
IAM Roles for AWS Services - correct answer ✔✔IAM entities with temporary credentials that
AWS services assume to perform actions on your behalf. These roles enable secure access and
simplify permissions management for services like Lambda, EC2, and others, enhancing security
and reducing the need for long-term credentials.
IAM Security Tools - correct answer ✔✔AWS services and features used to enhance the security
of IAM (Identity and Access Management). These tools include IAM Access Analyzer, IAM Policy
,Simulator, and IAM Credentials Report, providing insights, simulations, and monitoring to help
secure IAM configurations and permissions effectively.
IAM Best Practices - correct answer ✔✔These practices include implementing the principle of
least privilege, regularly reviewing and auditing permissions, enabling MFA, using IAM roles for
temporary access, and leveraging IAM policies and groups for centralized management and
consistency.
EC2 - correct answer ✔✔A web service that provides resizable compute capacity in the cloud. It
allows users to launch virtual servers (instances) and scale capacity up or down as needed. EC2
instances can be used for a variety of computing tasks, from hosting websites to running
complex applications.
EC2 User Data - correct answer ✔✔A feature allowing users to pass metadata to EC2 instances
during launch. This data can be scripts, commands, or configuration files, enabling automated
setup and customization of instances. Useful for tasks such as software installation,
configuration, and bootstrapping.
EC2 instance types - correct answer ✔✔t3.micro: Entry-level instance suitable for low-traffic
applications and testing.
m5.large: General-purpose instance offering balanced compute, memory, and networking
resources.
c5.xlarge: Compute-optimized instance designed for CPU-intensive workloads.
r5.large: Memory-optimized instance optimized for memory-intensive applications and
databases.
p3.2xlarge: GPU-accelerated instance ideal for machine learning and graphics processing tasks.
, Security Groups (EC2) - correct answer ✔✔Virtual firewalls controlling inbound and outbound
traffic for EC2 instances and other AWS resources. They act as a fundamental layer of security,
allowing users to define rules that permit or deny specific types of traffic based on protocols,
ports, and IP ranges.
Common EC2 Ports - correct answer ✔✔SSH (Secure Shell): Port 22
FTP (File Transfer Protocol): Port 21
SFTP (SSH File Transfer Protocol): Port 22 (uses SSH)
HTTP (Hypertext Transfer Protocol): Port 80
EC2 Instance Connect - correct answer ✔✔A feature allowing users to securely access EC2
instances using the AWS Management Console or CLI without needing to manage SSH keys
manually. It leverages IAM policies for fine-grained control over who can access instances,
enhancing security and simplifying access management.
EC2 Instance Purchasing Options - correct answer ✔✔Users can choose between On-Demand
Instances (pay-as-you-go), Reserved Instances (discounted for long-term commitments), Spot
Instances (bid-based pricing), and Dedicated Hosts (physical servers for compliance). Each
option offers different pricing models and flexibility based on workload requirements and
budget constraints.
Spot Instances - correct answer ✔✔AWS EC2 instances available at significantly reduced prices
compared to On-Demand instances. Users bid for spare capacity, and if the bid price exceeds
the Spot price, instances are terminated with a two-minute notice. Spot Instances are suitable
for fault-tolerant, flexible, and cost-effective workloads.
Spot Fleet - correct answer ✔✔A feature allowing users to provision a collection of Spot
Instances, On-Demand Instances, and optionally Reserved Instances or Scheduled Instances,
within a single request. Spot Fleets help optimize costs and availability by combining various
instance types and pricing models to meet workload requirements efficiently.
